Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/NJC7BkdpvnVT2zuYQW1iF3GvCDw.roa
File:                     NJC7BkdpvnVT2zuYQW1iF3GvCDw.roa (raw, json)
Hash identifier:          8fKGV96HYNYydBR5M8sXQX6BfQBv1pO4XBwB85nNfUc=
Subject key identifier:   34:90:BB:06:47:69:BE:75:53:DB:3B:98:41:6D:62:17:71:AF:08:3C
Certificate issuer:       /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial:       01841E27BCE80B1619CE6E48B0EE6DDDFF8C
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/NJC7BkdpvnVT2zuYQW1iF3GvCDw.roa
Signing time:             Fri 28 Oct 2022 10:33:51 +0000
ROA not before:           Fri 28 Oct 2022 10:33:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3257
IP address blocks:        89.116.64.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1e:27:bc:e8:0b:16:19:ce:6e:48:b0:ee:6d:dd:ff:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
        Validity
            Not Before: Oct 28 10:33:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3490bb064769be7553db3b98416d621771af083c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:7f:52:9d:b1:84:8a:33:4e:5f:2f:32:4c:b3:
                    b3:7c:b8:13:f7:83:78:6e:43:62:a8:90:e8:09:29:
                    54:0e:00:90:c6:8b:6c:c2:ea:df:4b:10:52:d1:b8:
                    13:64:bf:ef:3e:cd:7b:45:5c:7d:8c:52:81:70:05:
                    cb:fe:d9:6a:bb:2b:34:74:c2:f2:1f:4d:f0:de:be:
                    39:1c:3d:ab:96:0d:f5:10:08:f5:1e:87:7d:0d:6d:
                    52:17:1c:16:2f:49:bf:01:54:64:c5:d9:28:34:9e:
                    01:26:f1:5a:24:00:7c:94:42:93:05:88:22:88:26:
                    a2:e5:ca:81:a3:5e:88:79:dc:be:9b:20:95:c0:5b:
                    c1:7c:33:5b:83:3a:24:63:01:82:b6:b3:f3:7e:e3:
                    52:55:55:b9:b9:9a:a5:b6:cf:cd:8a:e3:ac:ce:f8:
                    66:0f:8d:a4:39:03:78:0e:e8:ab:60:d1:15:95:d6:
                    c9:23:7d:dc:5d:63:f8:d9:44:65:40:fc:c7:db:ba:
                    f4:3c:98:58:35:52:05:df:da:6e:e0:8a:00:72:59:
                    3d:55:be:96:59:d5:09:58:ca:5a:c5:81:28:dd:e3:
                    0f:8b:76:0d:7c:8e:23:52:e9:50:79:3b:98:fc:0d:
                    66:07:75:dc:d2:8c:99:33:31:dd:c9:0d:07:8b:c0:
                    27:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:90:BB:06:47:69:BE:75:53:DB:3B:98:41:6D:62:17:71:AF:08:3C
            X509v3 Authority Key Identifier:
                keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/NJC7BkdpvnVT2zuYQW1iF3GvCDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.116.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:e6:6b:33:a1:ea:5e:7e:d2:a1:8b:8f:85:55:1d:6a:48:20:
         56:0c:95:3e:c3:f6:8b:c9:c8:87:f1:28:e7:89:3d:9b:ca:cd:
         42:62:e5:c1:0d:7e:da:f5:18:8a:73:ad:f0:1e:2f:8e:4d:0c:
         1f:5a:a7:f8:bb:14:52:d8:ad:48:be:44:48:6f:e0:e4:d5:e5:
         f2:06:61:e7:c5:6d:b3:fa:fb:f3:07:1e:8e:1e:21:57:c9:f5:
         f6:b4:fd:b4:f0:b5:a0:18:e4:8b:db:17:4a:2e:b3:51:40:e1:
         f9:28:89:ef:6a:fc:c9:6b:20:d8:f5:0b:ad:31:9a:ee:38:f5:
         8c:1b:a5:0f:fa:ac:39:a8:0c:38:bc:6a:9e:1a:9e:27:14:a4:
         85:ad:72:e5:b2:a6:21:b8:38:6e:e4:1b:d5:a1:7b:af:4c:31:
         60:1a:cf:32:69:22:b2:11:55:f8:95:84:a4:06:1d:0a:5d:a7:
         8e:c6:90:3c:b7:13:00:82:20:b3:cc:a2:6f:a7:85:d9:ed:61:
         bf:9a:00:53:e7:ae:08:ec:57:62:8d:da:2a:2c:92:f0:a1:0e:
         1c:05:a4:f6:8d:0d:6a:88:1f:a3:33:db:95:37:20:74:d3:64:
         9e:b1:5f:f6:ff:fd:02:42:ac:cc:2b:85:06:00:73:7a:2e:55:
         3f:db:d2:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQeJ7zoCxYZzm5IsO5t3f+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDkwYmIwNjQ3NjliZTc1NTNkYjNiOTg0MTZkNjIxNzcxYWYwODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA339SnbGEijNOXy8yTLOzfLgT94N4
bkNiqJDoCSlUDgCQxotswurfSxBS0bgTZL/vPs17RVx9jFKBcAXL/tlquys0dMLy
H03w3r45HD2rlg31EAj1Hod9DW1SFxwWL0m/AVRkxdkoNJ4BJvFaJAB8lEKTBYgi
iCai5cqBo16Iedy+myCVwFvBfDNbgzokYwGCtrPzfuNSVVW5uZqlts/NiuOszvhm
D42kOQN4DuirYNEVldbJI33cXWP42URlQPzH27r0PJhYNVIF39pu4IoAclk9Vb6W
WdUJWMpaxYEo3eMPi3YNfI4jUulQeTuY/A1mB3Xc0oyZMzHdyQ0Hi8AnQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSQuwZHab51U9s7mEFtYhdxrwg8MB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvTkpDN0JrZHB2blZUMnp1WVFXMWlGM0d2Q0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWXRAMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ5mszoepeftKhi4+FVR1qSCBWDJU+w/aLyciH8Sjn
iT2bys1CYuXBDX7a9RiKc63wHi+OTQwfWqf4uxRS2K1IvkRIb+Dk1eXyBmHnxW2z
+vvzBx6OHiFXyfX2tP208LWgGOSL2xdKLrNRQOH5KInvavzJayDY9QutMZruOPWM
G6UP+qw5qAw4vGqeGp4nFKSFrXLlsqYhuDhu5BvVoXuvTDFgGs8yaSKyEVX4lYSk
Bh0KXaeOxpA8txMAgiCzzKJvp4XZ7WG/mgBT564I7FdijdoqLJLwoQ4cBaT2jQ1q
iB+jM9uVNyB002SesV/2//0CQqzMK4UGAHN6LlU/29IX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org